The certification authority (CA) issues and signs digital certificates at the request of a registration authority.

The CA is one of the entities that provide the trust element of the PKI. Parties relying on a digital certificate trust the CA to have correctly included the certificate holder's public key, and other details, in the digital certificate, and to have digitally signed the digital certificate to validate its authenticity and integrity.